At Shire, we are proud and grateful to employ military veterans and thank them for their contributions to our company and our country. See where your military experience can play a role at Shire by using our military skills translator job search tool below:
NASCO Senior Architect, Cybersecurity in Des Moines, Iowa
Under general direction, the Senior Architect, Cybersecurity, is primarily responsible for shaping security solutions and playing a key role in the evolution of the organization’s Enterprise Architecture and Security functions. This role is responsible for providing security-related thought leadership and architecture guidance across a wide range of technologies and business initiatives. This role is accountable for establishing Information Security Standards, Technologies, Patterns, Reference Architectures and Best Practices and ensuring their adoption across all Product and corporate solutions. This includes advising and guiding the business and delivery teams in the planning, design and implementation of all solutions. This position reports to the Chief Information Security Officer regarding work, projects, and other engagements, and works as part of a matrixed IT organization to help bridge the gaps between business leadership, risk management and IT delivery in terms of Information Security Architecture and Technology.
Develops security architecture strategies for the organization in the form of standards, frameworks and guidelines, with the emphasis on application security, network security and identity and access management concerns
Serves as primary information security interface to collaborate with product teams, business representatives, systems development and business users for establishing business requirements, information security functional requirements, security solution options and implementation plans
Advises and contributes to strategies and initiatives to strengthen the Security Program which is identified as part of the corporate Information Security Practice or HITRUST corporate compliance
Provides security controls, processes and technical advisory support to business units and projects by working cross-functionally to develop and implement strategies that balance security recommendations with business needs
Works with leadership to develop a run book for the operational organization to enable safe and rapid responses to reported vulnerability disclosures
Provides mentoring and technical leadership to the team
Acts as Subject Matter Expert and provides third-level support, resolving the most difficult technical issues
Establishes and maintains an effective relationship with product management and product engineering leadership as a trust advisor
Adapts and supports the enterprise business strategy, gains executive approval and support, and oversees successful execution of initiatives
Reviews and gains approval of security specific technical solutions through the architecture governance process
Helps define department strategic objectives and drives business outcomes in alignment to the organizational strategy
Required Knowledge, Skills, and Abilities:
Basic understanding of HITRUST framework
Broad knowledge of information security processes and technologies such as: business process design, risk assessment, minimum baseline security controls (*nix, Windows, network protocols, common services), data classification and management, security monitoring and log analysis, incident management, , application and database architectures, SDLC, system planning and integration, and security metrics
Advanced knowledge of technologies such as operating systems, directory services and network protocols
Basic knowledge of database applications, spread sheet design, and report writing software
Advanced written and verbal communications skills
Ability to facilitate the development and application of architecture artifacts between product and engineering teams and customers
Effective communication skills, both verbal and written, including the ability to communicate appropriately across all levels of an organization
Advanced knowledge of business to business (B2B) and business to consumer (B2C) product lifecycle management and technology road-mapping processes
Knowledge of multiple delivery methodologies, product operating models, and SaaS product deployment environments
Intermediate skills in cloud security architecture and standard cloud security configurations and controls
Ability to accomplish service goals, objectives and metrics consistent with Information Security Department strategic plans and business service level agreements
Ability to resolve business security conflicts taking into consideration policy, risk and business needs
Ability to perform trade-off and risk analysis and, if necessary, process and manage exceptions to achieve business needs
Advanced knowledge of network security and principals
Advanced knowledge of PKI, TLS/SSL, and basic cryptography principals
Advanced knowledge of Identity and Access Management principals and Privileged Access Management, including SAML2, OpenID Connect, and OAuth2
Basic knowledge of automation and scripting
5 - 8 years of experience in enterprise security architecture role
10 years of IT infrastructure architecture and/or operations experience
4 years of experience in Large Scale System design (ERP, Custom, etc) and implementation
3 years of experience with commercial and open source security applications and technologies (e.g. malware prevention, DLP, IDS/IDP, cryptography, vulnerability scanning and penetration testing), as well as related protocols and tools (e.g. SSH, SSL/TLS, snort, port scanners, rootkit detectors, etc.)
3 years of experience performing network and application security penetration testing and/or threat assessments
3 years of experience architecting solutions in a cloud environment
- Certification: CISSP
Benefits and Perks:
Work/Life Balance – NASCO helps you find success at the workplace, and at home.
Employee Recognition and Bonus Programs – When NASCO is successful so are our employees!
Tuition Assistance – Learn, develop, and grow… on our dime!
E-Learning – Comprehensive and current library of e-learning and performance support assets, available on demand and at no cost.
Choice of Blue Cross Blue Shield Medical, Dental and Vision Plans
Company-funded spending/reimbursement accounts to help with out-of-pocket medical expenses
17 Days of Paid Time Off (PTO) per year – not including major holidays. That’s just starting out.
Company discount plans on mobile, technology services, etc., to help you save money.
NASCO is an Equal Opportunity Employer/veterans/disability/race/color/religion/sex/sexual orientation/gender identity/national origin. Must have legal authority to work in the US.
We will not accept applicants that use AI when answering the screening questions. Applicants who use AI to answer any questions or to complete their application will not be considered for employment.
Location US-Home Office/ Remote
# Positions 1
Category Security Operations
Travel Requirements 0-20%